Consider performing sanity check on newly obtained certificates

[mholt]

Today's (relatively minor) Let's Encrypt incident (more info on HN - and on LE forums) makes me wonder if we should perform some checks on the certificates in case CAs have bugs that would cause browsers to reject the certs.

This function can probably get us a long way: https://pkg.go.dev/crypto/x509#Certificate.Verify - realizing that not all certificates trusted on the server will be trusted on clients.

This linter library can perhaps be helpful: https://pkg.go.dev/github.com/zmap/zlint#LintCertificate

In particular, today's incident involved invalid SCT signatures. Verifying this would probably involve calling out to some CT log. 😕

These kinds of bugs are very rare I think.

In fact, most CAs are/should be linting their certificates before issuing them... the reason today's incident wasn't caught was because this particular check does require an external resource.

So I dunno. I feel like it could be useful to have a mode (maybe optional? at least to start) that would vet all obtained certificates and, if the configured checks fail, move onto the next CA and get a certificate from that one instead.

Opening this issue for a discussion.